Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/65e296-72aa-488a-a433-9aa4d2f9aff1/1/gHAu016O_uBMqrmZhCa8PUPK6yw.mft
File:                     gHAu016O_uBMqrmZhCa8PUPK6yw.mft (raw, json)
Hash identifier:          S0IPWlgHuhgoj7nuWBXWkJKzGrYKScRXcKgKXLb1Llw=
Subject key identifier:   4A:87:BC:EF:FF:FE:51:AA:E2:16:55:28:1E:D6:ED:AA:91:6E:DC:EE
Authority key identifier: 80:70:2E:D3:5E:8E:FE:E0:4C:AA:B9:99:84:26:BC:3D:43:CA:EB:2C
Certificate issuer:       /CN=80702ed35e8efee04caab9998426bc3d43caeb2c
Certificate serial:       01901D4616836662827D065DB1F29D52860B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gHAu016O_uBMqrmZhCa8PUPK6yw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/65e296-72aa-488a-a433-9aa4d2f9aff1/1/gHAu016O_uBMqrmZhCa8PUPK6yw.mft
Manifest number:          020F
Signing time:             Sat 15 Jun 2024 19:00:50 +0000
Manifest this update:     Sat 15 Jun 2024 19:00:50 +0000
Manifest next update:     Sun 16 Jun 2024 19:00:50 +0000
Files and hashes:         1: gHAu016O_uBMqrmZhCa8PUPK6yw.crl (hash: 2G5cGMZteF1Exk16kRRkuD+4W2Xcpa52XsME/3qQscE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/65e296-72aa-488a-a433-9aa4d2f9aff1/1/gHAu016O_uBMqrmZhCa8PUPK6yw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/65e296-72aa-488a-a433-9aa4d2f9aff1/1/gHAu016O_uBMqrmZhCa8PUPK6yw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gHAu016O_uBMqrmZhCa8PUPK6yw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:16:83:66:62:82:7d:06:5d:b1:f2:9d:52:86:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80702ed35e8efee04caab9998426bc3d43caeb2c
        Validity
            Not Before: Jun 15 19:00:50 2024 GMT
            Not After : Jun 16 19:00:50 2024 GMT
        Subject: CN=4a87bceffffe51aae21655281ed6edaa916edcee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:52:6e:7c:6f:4f:71:5a:e6:e7:3f:10:58:ae:
                    ee:37:72:27:97:25:81:b5:97:de:d0:f9:75:ac:ab:
                    ed:ed:0d:a8:f9:00:b3:56:cf:c8:46:7f:88:44:e3:
                    1d:54:23:c1:bd:5f:6f:b5:58:dd:58:86:f7:e7:ea:
                    1a:28:b5:c7:1b:04:f4:4a:81:3b:5f:c8:77:bd:da:
                    90:63:3b:aa:28:db:bc:14:39:4b:50:ab:4c:c2:78:
                    36:22:04:05:72:b0:51:79:a1:f1:f4:ef:92:d0:42:
                    69:77:54:ed:f9:fe:77:15:1b:06:02:bc:0c:3d:cb:
                    a7:d5:41:78:69:fd:ef:ab:a0:76:1b:e8:06:c5:96:
                    ae:84:8a:08:86:b0:9c:d1:66:3c:e3:35:78:9e:c6:
                    e3:5e:6b:a6:2b:15:d6:a3:3b:41:78:f9:65:1d:0e:
                    65:93:5e:25:b0:eb:3c:9b:a3:66:65:2f:38:19:42:
                    da:47:30:5a:04:cb:0a:47:13:e8:49:a7:d8:c3:aa:
                    f8:be:66:a3:ae:61:24:d4:7b:ba:54:6a:a8:12:0a:
                    93:34:e8:ab:02:e0:7b:70:9c:ac:0d:e2:17:8b:4c:
                    08:e3:d6:f2:51:f1:9a:6f:90:ac:58:11:1f:17:29:
                    74:ea:e1:65:84:b8:1a:27:5d:8c:37:f4:c3:34:53:
                    28:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:87:BC:EF:FF:FE:51:AA:E2:16:55:28:1E:D6:ED:AA:91:6E:DC:EE
            X509v3 Authority Key Identifier:
                keyid:80:70:2E:D3:5E:8E:FE:E0:4C:AA:B9:99:84:26:BC:3D:43:CA:EB:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHAu016O_uBMqrmZhCa8PUPK6yw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/65e296-72aa-488a-a433-9aa4d2f9aff1/1/gHAu016O_uBMqrmZhCa8PUPK6yw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/65e296-72aa-488a-a433-9aa4d2f9aff1/1/gHAu016O_uBMqrmZhCa8PUPK6yw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:c3:6e:4f:25:1c:e3:f0:b9:55:93:a8:cd:31:46:e8:22:88:
         4f:94:cb:c7:73:45:fe:c0:e8:bb:21:9b:a8:8e:18:56:be:69:
         3e:84:2c:95:3b:93:9d:95:24:dd:2e:fa:5c:00:6e:b5:c8:dd:
         c2:a3:db:e0:05:b9:bb:4e:a5:41:5f:82:c1:8d:1e:9c:7a:36:
         79:89:a6:7a:0a:e2:d8:71:17:b3:42:7a:33:89:0a:c1:aa:a5:
         dd:f1:90:6d:24:e0:51:65:84:1a:ee:55:30:d8:b9:30:b8:7b:
         0c:50:4d:2c:74:38:d0:71:77:8e:5e:ce:74:99:3e:14:78:d9:
         6f:ad:d9:3e:c6:85:3f:0d:b5:cd:30:43:2d:30:db:1a:6e:79:
         45:17:4d:70:a1:b5:46:33:af:f8:2c:e5:30:ec:7e:be:89:a1:
         73:78:0e:04:cb:ff:6c:bb:5b:55:1b:d3:42:ad:fd:95:55:e5:
         7d:eb:28:80:a2:c5:e7:d3:18:ce:40:7b:d6:03:b1:9d:e0:9d:
         88:d4:bf:5d:1d:95:4c:2a:9d:63:1f:59:24:b8:dd:f1:66:d8:
         25:cf:f0:eb:17:33:2b:44:63:0d:4d:f5:e2:1c:31:b4:84:5a:
         9d:de:f6:02:24:54:95:49:a5:f4:bd:43:d0:00:4b:e7:e8:4e:
         b8:a4:1b:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRhaDZmKCfQZdsfKdUoYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzAyZWQzNWU4ZWZlZTA0Y2FhYjk5OTg0MjZiYzNkNDNj
YWViMmMwHhcNMjQwNjE1MTkwMDUwWhcNMjQwNjE2MTkwMDUwWjAzMTEwLwYDVQQD
Eyg0YTg3YmNlZmZmZmU1MWFhZTIxNjU1MjgxZWQ2ZWRhYTkxNmVkY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VJufG9PcVrm5z8QWK7uN3InlyWB
tZfe0Pl1rKvt7Q2o+QCzVs/IRn+IROMdVCPBvV9vtVjdWIb35+oaKLXHGwT0SoE7
X8h3vdqQYzuqKNu8FDlLUKtMwng2IgQFcrBReaHx9O+S0EJpd1Tt+f53FRsGArwM
Pcun1UF4af3vq6B2G+gGxZauhIoIhrCc0WY84zV4nsbjXmumKxXWoztBePllHQ5l
k14lsOs8m6NmZS84GULaRzBaBMsKRxPoSafYw6r4vmajrmEk1Hu6VGqoEgqTNOir
AuB7cJysDeIXi0wI49byUfGab5CsWBEfFyl06uFlhLgaJ12MN/TDNFMoSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqHvO///lGq4hZVKB7W7aqRbtzuMB8GA1UdIwQY
MBaAFIBwLtNejv7gTKq5mYQmvD1DyussMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0hBdTAxNk9fdUJNcXJtWmhDYThQVVBLNnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS82NWUyOTYtNzJhYS00ODhhLWE0MzMt
OWFhNGQyZjlhZmYxLzEvZ0hBdTAxNk9fdUJNcXJtWmhDYThQVVBLNnl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS82NWUyOTYtNzJhYS00ODhhLWE0MzMtOWFhNGQyZjlhZmYx
LzEvZ0hBdTAxNk9fdUJNcXJtWmhDYThQVVBLNnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEMNuTyUc
4/C5VZOozTFG6CKIT5TLx3NF/sDouyGbqI4YVr5pPoQslTuTnZUk3S76XAButcjd
wqPb4AW5u06lQV+CwY0enHo2eYmmegri2HEXs0J6M4kKwaql3fGQbSTgUWWEGu5V
MNi5MLh7DFBNLHQ40HF3jl7OdJk+FHjZb63ZPsaFPw21zTBDLTDbGm55RRdNcKG1
RjOv+CzlMOx+vomhc3gOBMv/bLtbVRvTQq39lVXlfesogKLF59MYzkB71gOxneCd
iNS/XR2VTCqdYx9ZJLjd8WbYJc/w6xczK0RjDU314hwxtIRand72AiRUlUml9L1D
0ABL5+hOuKQbrA==
-----END CERTIFICATE-----